<?php

    require_once 'include/include.php';

?>

<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
    </head>
    <body>
       <?php

                if (!isset($_POST['username']))
                    show_login_form();
                else
                    if ($_POST['username'] != "" && $_POST['password'] != "")
                    {
                        database_connect();
                        $user = $_POST['username'];
                        $pass = $_POST['password'];
                        
                        $user = stripslashes($user);
                        $pass = stripcslashes($pass);
                        
                        $user = mysql_escape_string($user);
                        $pass = mysql_escape_string($pass);
                        $pass = md5($pass);
                        
                        $query = "SELECT * FROM users WHERE username ='$user' AND password ='$pass'";
                        $result = mysql_query($query);
                        $count = mysql_num_rows($result);
                        if ( $count == 1)
                        {
                            $_SESSION['loged'] = true;
                            // header redirectare
                        }
                        else
                               echo "Wrong username or password";
                        
                    }
       
       ?>
    </body>
</html>
